This topic provides the links to setup ELK.

1. Download the Elastic search from https://www.elastic.co/downloads/elasticsearchhttps://www.elastic.co/downloads/elasticsearch.
2. Download the Kibana from https://www.elastic.co/downloads/kibanahttps://www.elastic.co/downloads/kibana.
3. Download the Logstash from https://www.elastic.co/downloads/logstashhttps://www.elastic.co/downloads/logstash.

   Note:

   The default ports are as follows:

   • Elastic search - 9200

   • Kibana - 5601

Step to run ELK:

4. Run the elasticsearch.sh file present in the folder path /scratch/software/ELK/elasticsearch-6.5.1/bin.
   • Edit network.host to localhost and port if necessary. This should be enough for it to run.
   • Start: nohup bin/elasticsearch &
5. Configure the Kibana to point the running instance of elastic search in the kibana.yml file.

   Figure 1-12 Logstash Configuration

   
   

   
   Description of "Figure 1-12 Logstash Configuration"

   
   
6. Follow the below steps to configure the Logstash.
   1. Input: This configuration is required to provide the log file location for the Logstash to read from.
   2. Filter: Filters in Logstash is basically used to control or format the read operation (Line by line or Bulk read).
   3. Output: This provides the running elastic search instance to send the data for persisting.

      Figure 1-13 Kibana

      
      

      
      Description of "Figure 1-13 Kibana"

      
      

      Figure 1-14 Kibana

      
      

      
      Description of "Figure 1-14 Kibana"